Supply Chain CLI
python -m ghastoolkit.supplychain --help
Organization Audit
This CLI mode allows you to audit an entire organization to check:
If a repository has an unwanted license
If a repository has a license unknown to GitHub
To use this, enable the org-audit mode in the supplychain CLI:
python -m ghastoolkit.supplychain org-audit \
-r "org/repo"
The only required argument is -r/--repository, which sets the owner and
repository for ghastoolkit.
You can also change the licenses you want to check for using --licenses,
with , as the separator and wildcards to cover different versions of a license.
python -m ghastoolkit.supplychain org-audit \
-r "org/repo" \
--licenses "MIT*,Apache*"
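How a comma-separated wildcard list like the one above can classify repositories, as an added sketch that is not ghastoolkit's own code. It assumes shell-style wildcard matching (Python's fnmatch), that the patterns name the licenses to flag, and a hypothetical mapping of repository names to license identifiers; `audit`, `parse_patterns` and `UNKNOWN_MARKERS` are names invented for this example.

```python
from fnmatch import fnmatchcase

# Assumption: identifiers treated as "unknown" (SPDX uses NOASSERTION when no
# license could be determined); the toolkit's own list may differ.
UNKNOWN_MARKERS = {"", "NOASSERTION", "NA"}


def parse_patterns(value):
    """Split a --licenses style value ("MIT*,Apache*") into clean patterns."""
    return [p.strip() for p in value.split(",") if p.strip()]


def audit(repos, licenses):
    """Return {repo: {"unwanted": [...], "unknown": bool}} for flagged repos only.

    `repos` maps a repository name to the license identifiers found in it.
    """
    patterns = parse_patterns(licenses)
    findings = {}
    for name, found in repos.items():
        # Case-sensitive match so results do not depend on the platform.
        unwanted = sorted(
            lic for lic in found
            if lic and any(fnmatchcase(lic, pat) for pat in patterns)
        )
        unknown = any(lic is None or lic in UNKNOWN_MARKERS for lic in found)
        if unwanted or unknown:
            findings[name] = {"unwanted": unwanted, "unknown": unknown}
    return findings


# Constructed sample data, not output from a real organization.
SAMPLE = {
    "org/api": ["MIT", "BSD-3-Clause"],
    "org/web": ["Apache-2.0", "ISC"],
    "org/tools": ["NOASSERTION"],
    "org/docs": ["CC-BY-4.0"],
}

if __name__ == "__main__":
    for repo, result in audit(SAMPLE, "MIT*, Apache*").items():
        print(repo, result)
```

Under these semantics a pattern is anchored at the start of the identifier, so "GPL*" would not flag "LGPL-3.0-only" or "AGPL-3.0-only"; each family needs its own pattern.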
Finally, you can set the --debug flag to see the different repositories
being analysed:
python -m ghastoolkit.supplychain org-audit \
-r "org/repo" \
--debug